Friday, January 27th, 2023 10:34:23

Desolation Of Internet

Updated: October 15, 2014 2:08 pm

The internet is crippling with a new type of vulnerability known as Shellshock. Will these repeated attacks on the internet cause annihilation of the cyberspace?

The internet is again hit by a one-of-its kind of bug which will not only affect the internet but also the internet-connected devices. Commonly known as Shellshock, the bug potentially affects around 500 million of websites. Previously, Heartbleed caused havoc on the internet stands nowhere in front of this bug. This is because, unlike Heartbleed, which had limited access for the hacker, Shellshock can be exploited with just a couple of lines of code. It is now relatively simple for any hacker to intrude in to a large portion of the world’s computers and extract wide variety of sensitive details.

What is Shellshock?

In technical terms, Shellshock is a vulnerability in a Unix programme known as Bash. Bash is present on almost every Unix-like system like Linux, Mac OS X and Android present in the world. Intruding via this bug, hackers can send commands to a computer without having admin status, letting them plant malicious software within systems. Shellshock also has the potential to be turned into a worm—a self-replicating piece of code that automatically propagates to all Shellshock-vulnerable systems, potentially causing untold damage.

Who are vulnerable to Shellshock?

Bash, or GNU Bash to give its proper name, was created 25 years ago as a free replacement for Unix’s Bourne shell. It is distributed with just about every flavour of Linux, and it’s the default shell for Mac OS X. Every version of Bash for the last 25 years, up to and including version 4.3, is vulnerable to the Shellshock vulnerability. Apple users are considered to be worst-hit by this bug as Apple Mac computers, which uses the Bash software which the bug exploits directly in the form of its command-line program Terminal. Researchers think that Shellshock could be trouble for Mac users.

How to protect ?

The only available solution for Shellshock is to install a patched version of the Bash. For normal people, the real concern will be updating any and all devices that run some kind of Linux-flavored operating system and have a vulnerable version of Bash. At the very least, this will probably mean a lot of wireless routers need to be patched. Other smart and internet-of-things (IoT) devices may also need to be patched: Smart TVs, smart fridges, WiFi-connected thermostats, and any similar household or office doodads. The Shellshock vulnerability to automatically spread across the internet, patching vulnerable computers and devices as it goes.

By Rohan Pal

Comments are closed here.